Fice

← Back to app

Privacy Policy

This Privacy Policy explains what personal data Fice collects when you use the website at ficeapp.com (the "Service"), why it's collected, how it's stored, and the rights you have over it. The policy is written to comply with the EU General Data Protection Regulation (GDPR) and applicable US state privacy laws (CCPA and similar).

1. Who runs Fice

The Service is operated by Michał Piaskowski, a private individual based in Poland (the "Operator", "we", "us"). For privacy questions or to exercise your rights under this policy, contact:

cognitra.adm@gmail.com

2. What data we collect

Account data

• Email address — used to identify your account and send verification / password-reset emails.
• Display name — a name you choose to be shown in the app.
• Hashed password — only if you sign up with email/password. Stored and managed by Firebase Authentication; we never see your password.
• Google account profile — if you sign in with Google: your email, display name, and profile photo (provided by Google to us under their authorization flow).

App data

• Focus session history (start time, duration, completion status, mode).
• In-app virtual currency, owned cards, achievement progress, login streak.
• App settings (theme, sound preferences, daily goal).
• An anonymous numeric Fice ID assigned to your account.

Technical data

• IP address and request logs — collected automatically by our hosting provider (Firebase Hosting) for security and abuse prevention.
• Browser type, device type — derived from request headers by hosting / Firebase services.
• Authentication cookies — set by Firebase to keep you signed in.
• Local storage — your app data is mirrored in your browser's localStorage so the app works offline.

Advertising data (with your consent)

• If you accept advertising cookies via the consent banner, Google AdSense may set cookies (such as __gads, __gpi) to show personalized ads. If you decline, AdSense will only show non-personalized ads.

3. Why we collect it (legal basis)

Under GDPR Article 6, each category of data has a specific legal basis:

• Contract — your email, password, app data, and Fice ID are necessary to provide the Service you signed up for.
• Legitimate interest — IP / request logs are kept for security, fraud prevention, and basic diagnostics.
• Consent — advertising cookies are set only after you agree via the consent banner. You can change your choice anytime by clearing cookies and reloading.
• Legal obligation — we may retain certain data if required by law.

4. Third parties we share data with

We do not sell your personal data. We use a small set of third-party processors who handle data on our behalf:

• Google Firebase (Authentication, Firestore, Hosting) — stores your account, app data, and serves the website. Firebase is operated by Google LLC and may transfer data to the United States under Standard Contractual Clauses.
• Google AdSense — serves advertising on the Service, with your consent. See Google's privacy policy.
• Google Fonts — fonts are loaded from Google's CDN. No personally identifying cookies are set, but your IP is visible to Google for the request.

5. How long we keep your data

• Account data and app data — kept as long as your account exists. If you delete your account from Settings, all data is removed within 30 days.
• Request logs — typically 30–90 days, retained by our hosting provider.
• Advertising cookies — managed by Google's policies; you can clear them anytime via browser settings.

6. Where your data is stored

Data is stored on Google's infrastructure. Firebase data may be stored or processed in the United States, the European Union, or other regions where Google operates data centers. International transfers rely on the EU Commission's adequacy decision for the United States and on Google's Standard Contractual Clauses.

7. Your rights

If you are in the EEA, the United Kingdom, or Switzerland, GDPR gives you the following rights:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate data.
• Erasure ("right to be forgotten") — ask us to delete your data. You can do this directly from Settings → Delete Account.
• Portability — request your data in a machine-readable format.
• Restriction — ask us to pause processing of your data.
• Objection — object to processing based on legitimate interest.
• Withdraw consent — change your cookie preferences anytime.
• Complaint — lodge a complaint with your local data protection authority. In Poland, this is the President of the Personal Data Protection Office (UODO).

Residents of California, Colorado, Connecticut, Virginia, and other US states with privacy laws have analogous rights, including the right to opt out of the sale or sharing of personal information. Use the consent banner or contact us to exercise these rights.

To exercise any right, email cognitra.adm@gmail.com. We respond within 30 days.

8. Children

Fice is not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with data, contact us and we will delete it.

9. Security

We use industry-standard security: HTTPS for all traffic, Firebase Authentication for credentials, and Firestore Security Rules to ensure your data is only accessible to you. No system is perfectly secure; if a breach affects you, we will notify you and the relevant authorities as required by law.

10. Changes to this policy

We may update this policy as the Service evolves. The "Last updated" date at the top reflects the current version. For material changes, we will notify users via email or in-app notice.

11. Contact

Questions, requests, or complaints: cognitra.adm@gmail.com

---

Terms of Service · Back to Fice